Kalispell Regional Healthcare Provides Notification of Data Security Event

Despite being named in the top quartile for data security readiness by a third party firm, Kalispell Regional Healthcare (KRH) was recently a victim of a highly sophisticated attack on our information technology systems. Safeguarding our patients and their personal information is a top priority, and we want our community to be aware of what happened and how we have addressed it.

This summer we discovered that several employees were victims of a well-designed email that led them to unknowingly provide their KRH login credentials to malicious criminals. We immediately disabled the employees’ accounts, notified federal law enforcement, and launched an investigation, which was performed by a nationally recognized digital forensics firm, to determine whether any personal information was affected. On August 28, 2019, we learned that some patients’ personal information may have been accessed without authorization. A deeper investigation specifically determined which patients’ information may have been accessed as early as May 24, 2019.

Different information may have been involved for each person. The information may have involved a patient’s name, Social Security number, address, medical record number, date of birth, telephone number, email address, medical history and treatment information, date of service, treating/referring physician, medical bill account number and/or health insurance information.

Although there is no indication that the information was misused, we have mailed notification letters to potentially-impacted patients to make them aware of the event and the steps they can take to protect their information. All notified patients are being offered complimentary fraud consultation and identity theft restoration services. In addition, the notification letters may also offer affected individuals 12 months of web and/or credit monitoring services at no charge, depending on what information was involved for that individual. In addition, we have taken further steps to revise procedures that will minimize the risk of a similar event from happening again.

Carrying any activity smoothly has become possible in today’s digital world. The network cabling installation is certainly responsible for it. There are many companies that rely on cabling services to increase their competency while improving the task of activating their daily routine. Linking with the exterior infrastructure is easy for the firms, and it had become possible because of the cabling service providers.

Fortunately, the cabling services through network cabling companies have come up as a boon for any organization. Now, computer, Internet, printer, other hardware devices can be connected to one another in any organization.

Why you hire network cabling services

Accept it or not, a good network cabling system is essential to run your business in a smooth manner. Since there are a lot of cabling service providers available in the marketplace, the task of building a network cabling structure is no longer tricky.

In today’s time, there are a lot of companies that specialize in cabling installation services. Therefore, you have a long list of services offered by the reputed cabling service providers now. Read on to learn more about their services.

1. Cabling service

Cabling service makes it easy to reduce cost, save time and improve the overall productivity of a company while speeding up the data transfer. Now, organizing and maintaining a procedure in an organization has become somewhat convenient.

2. Carrier service

It may not be easy to look at your Internet, telephone, cable company bills, contract, and services. This will not only consume your time but also bring a lot of confusion. Now, you can hire a cabling service provider to the job for you. The service provider brings an appropriate solution for your cable service needs.

3. Managed service

Optimizing the IT environment and monitoring or preparing for an emergency issue that requires immediate attention is now possible with managed service of cabling service providers. Their technicians will assist you with IT tasks and fix the errors that may cause you major harm. Now, dealing with day-to-day operations is no longer difficult for you.

4. Professional service

To run your business in a smooth manner and implementation of services in a smooth manner, you might need to hire a professional. The communication, network, security and maintenance service for your organization would be necessary. Instead of getting confused and being stuck in an unwanted situation, you should go for cabling service providers that offer professional services to operate your business in a convenient manner.

Planning is indeed an important step to take when you want to run a venture successfully. Efficient methods to ensure smooth operations would be necessary to avoid significant harms in the future. To make sure all the issues related to IT services are addressed, you can rely on cabling services providers without any doubt.

It is true that no one likes to face major harm when it comes to network cabling installation. In fact, maximizing the overall profit can be easy if you go for a reputed cabling service provider. But, before you hire one, be sure to look for the services they provide should meet your needs and goals.

Recover Your Data with StorageCraft OneXafe Continuous Immutable Snapshots

Ransomware threats continue to evolve and infect businesses, government, power companies, education and even hospitals. In 2018, an estimated $8 Billion in ransom was paid to anonymous attackers. The statistics are shocking, ransomware attacks on businesses are up 365% from Q2 2018 to Q2 20192. They are becoming more targeted, sophisticated, and successful at penetration. Unfortunately, many ransomware attacks continue to infiltrate despite the use of state-of-the-art prevention methods. In fact, 77% of organizations infected with ransomware were running up-to-date endpoint protection.

Ransomware can encrypt your files making it impossible to use them. The malware may lay dormant for weeks and may even delete your backups prior to the attack leaving you without a way to recover and forcing you to pay or lose your data.

StorageCraft OneXafe Continuous Immutable Snapshots to the Rescue

StorageCraft OneXafe storage protects your data with continuous immutable snapshots, every 90 seconds, so you’ll never have to worry again. An immutable snapshot is a copy of your data that simply cannot be overwritten or deleted by ransomware or users, because OneXafe and its patented distributed object store prevent that from happening. You can recover anytime, every time, making OneXafe the most effective protection in the market. Furthermore, OneXafe performs powerful inline deduplication on the continuous snapshots, reducing the data footprint.

Storage vendors claim their snapshots are immutable because it is simply read-only and cannot be changed. However this doesn’t protect the snapshot from being deleted or the snapshot volume from filling up. If your snapshots can be deleted and/or modified, are they truly immutable?

Enterprise Systems Corporation has the expertise to implement the StorageCraft OneXafe solution so you never have to worry again about ransomware.  Contact us today for more information.

Stolen passwords offer the fastest path into your network

Insecure password practices are exploited in 81% of cyber attacks worldwide, and 61% of all attacks target businesses with less than 1,000 employees.¹ While employee education and training can help, what’s most needed to reverse this trend is for authentication to require additional proof of identity beyond simple username and password, and to be widely deployed by all companies – no matter their size. Only then, will cyber criminals no longer be able to use stolen credentials to access and infect systems or steal data.

Are employees undermining company security with shared passwords?

Most employees are not intentionally trying to compromise company security; however you should ask yourself what password practices they now use to cope with the proliferation of online accounts requiring them. According to an often-quoted study by Microsoft Research, “The average user has 6.5 passwords, each of which is shared across 3.9 different sites. Each user has about 25 accounts that require passwords, and types an average of 8 passwords per day.”

A 2015 Dashlane survey revealed that each person had over 90 online accounts, and had to reset their password using a “forgot password” link for 37 of those accounts in the prior year. Companies that require frequent resetting of passwords make it even harder for users to craft strong passwords and then later recall them. In this environment, it’s understandable that users have simplified their passwords – creating ones that can be serialized – and limiting them to a few that are used across multiple accounts.

¹ Verizon’s 2017 Data Breach Investigations Report

This trend is evident when viewing the list
of worst passwords used:

For businesses, as employees use simpler and weaker passwords – this puts networked resources at a greater risk for breach. Even worse, when an employee’s credentials are stolen from other sites and the credentials happen to contain the same password that gives them entry to your privileged networks, then the hackers can walk right in the front door masquerading as the user…and you are none the wiser.

We’ve reached the limit of the protection that solely password-based access to systems can provide. What’s needed are additional measures to ensure the identity of the user…which is what multi-factor authentication (MFA) provides.

How are hackers stealing credentials?

Given that usernames and passwords are often the only hurdle to accessing systems that yield financial rewards, hackers have taken a keen interest in lifting them when they can. Some common ways to compromise this information include:

• Phishing/Spear-Phishing: Criminals use email to try to get users to enter credentials into web pages or forms. It will look convincingly like an email from a person or business that the user has a relationship with, and sometimes will be very targeted at a specific individual (spear-fishing) who is perceived to have a great deal of privileged system access.
• Brute Force: With simpler passwords coming back into use, criminals will try common passwords until they find one that works. They’ve even written automated scripts that circumvent simple protections such as a limit on the number of authentication attempts within a certain time window. Remember, for businesses without MFA, they just need any single username/password combination to work.
• Wi-Fi Evil Twin: Using an easy-to-find $99 device, criminals can sit in a crowded area and pretend to be a legitimate Wi-Fi hotspot. When people connect, then the criminal is effectively a MitM (man-in-the-middle), observing network traffic and even the keystrokes of a user while connected. Studies have shown that people regularly check bank accounts, shop online, and yes, even access company networks, while on public Wi-Fi.

Once they have valid credentials, they will use them to access systems and steal data, consume resources with botnets, install ransomware, and even steal more credentials that might unlock other networks and personal data.

Article Credit

Three school districts have been hit by ransomware in North Louisiana this week.

Louisiana Governor John Bel Edwards has activated a state-wide state of emergency in response to a wave of ransomware infections that have hit multple school districts.

The ransomware infections took place this week and have impacted the school districts of three North Louisiana parishes — Sabine, Morehouse, and Ouachita.

IT networks are down at all three school districts, and files have been encrypted and are inaccessible, local media outlets are reporting.

This is the second time that a state governor has activated a state emergency due to ransomware or any form of cyber-attack. The first time was in Colorado in February 2018, when the Colorado Department of Transportation was forced to shut down operations because of an infection with the SamSam ransomware. However, that state emergency activated additional state resources to help with traffic, road management, and transportation, and not with deploying cyber-security experts to help victims, like in Louisiana’s case.

By signing the Emergency Declaration, the Louisiana governor is making available state resources to impacted schools.

This includes assistance from cybersecurity experts from the Louisiana National Guard, Louisiana State Police, the Office of Technology Services, the Governor’s Office of Homeland Security and Emergency Preparedness (GOHSEP), and others.

State officials hope that additional IT expertise will speed up the recovery process so schools can resume their activity and preparations for the upcoming school year.

Gov. Edwards was able to roll out a coordinated response for the ransomware infections at schools in the North Louisiana because he previously established a Cybersecurity Commission to assemble and coordinate response teams in the event of a cyber-attack.

He created this commission in December 2017, in the year when three ransomware outbreaks — namely WannaCry, NotPetya, and Bad Rabbit — had caused havoc across the globe, including in Louisiana.

“This is exactly why we established the Cyber Security Commission, focused on preparing for, responding to and preventing cybersecurity attacks, and we are well-positioned to assist local governments as they battle this current threat,” Gov. Edwards said.

The state of emergency will remain in place until August 21, or until the recovery process at impacted school districts wraps up.

Gulf Coast neighbor Florida could have used a state of emergency declaration last month, as well, after three municipalities were hit by ransomware — Riviera Beach (paid $600,000); Lake City (paid $500,000); and Key Biscayne (recovered from backups).

In recent months, US cities have been a prime target for ransomware gangs. Earlier today, some residents of Johannesburg, South Africa’s biggest city and financial capital, have been left without electricity after a ransomware infection.

Article Credit